The fact is your computer could be working for an enemy. Left unchecked, your computer may be performing under the authority of someone else to betray your digital assets and personal information.
We want to help you protect your digital assets. This post provides cybersecurity tips and resources for your home and office computers, including some very good information from the FDIC’s Consumer News Winter 2016 release.
What are digital assets?
Digital assets are the ways and means of accessing, managing and providing your finances. They are the among the most important assets a modern family has – but you won’t find them on any balance sheet. The email account used to access your online banking account is a digital asset, so is your computer logon user ID and password. Other digital assets would include your budget worksheet in Excel, your QuickBooks file, Résumé, online banking user ID and password, your family photos… anything that exists in a digital format and comes with a right to use.
Digital assets include programs and apps on your computer or portable device, not just the files these apps use.
If you use your iPad to access your banking accounts, protect that access by requiring a good password simply to get past the lock screen. If you don’t impose that basic security, in seconds some curious and ill-meaning person can quickly do you harm.
Like any asset, your many digital possessions should be protected, but for different reasons.
- You want friends and family to know your email address, but you do not want anyone to know how to log in to that account. If someone has your email address they can communicate with you, but if they have access to that email account they can change the account password to lock you out and perform all sorts of harmful actions against you, e.g. access your financial accounts, or run up credit charges or even submit credit card applications using your financial information.
- You don’t mind sharing photos of your children or grandchildren to friends, but the thought of child molesters using your stolen digital photos to identify their next victim is too horrible to contemplate. Perhaps many families never thought they needed to protect their family photos until it was too late.
Be smart. Protect your digital assets! Here’s how.
Just as you put locks on your home windows and doors, you should “lock down” your network and the computer devices that connect to it.
- Your wireless network should require a password to access.
- Use strong passwords that are NOT WRITTEN DOWN where anybody can find them.
- Use a different password for online banking than for other sites.
- Computers, tablets and smartphones should require a strong password to open.
- A modern Operating System (OS) should be installed.
The FDIC suggests using a different computer or tablet solely for online banking or shopping. Prices have dropped so dramatically that this may be a feasible consideration for many of you. But whether you have multiple computers or not, you should absolutely have multiple passwords and make sure the passwords to financial websites are not shared. Then, if someone breaches one site or guesses one password, they won’t be able to easily access the other sites.
Carefully and routinely monitor your bank accounts for fraudulent activity. Check your online bank accounts at least once a week to make sure there are no activities suggesting you’ve been hacked and reconcile your monthly statements.
Cover the Basics
Cyber threats are almost always overcome with a regular and basic routine. For example, keep your computer’s operating system (OS) and other software is up-to-date. Most software companies will distribute patches and updates to address new security vulnerabilities. Your computer and devices will allow you to automatically install these updates as soon as they are available – we recommend you choose that option unless you have technical background to choose another option.
Other basics are to install anti-malware software on the computer or devices that support it (in March 2015 we provided details about detecting and avoiding malware) and enable the firewall on each computer.
If you run a business, pay particular attention to our “Security Check on First Friday of Each Quarter” post with IT security audit suggestions. Computers connected to the company network and allowed to access the internet should be running the latest operating system (OS); Windows-based computers should be running Windows 10 and Macs should be running OS X El Capitan. A connected computer running an earlier version of either operating system can be easily compromised to expose sensitive company information (and probably already has). Older Windows machines can be upgraded for free, with no Windows license fee, until July 29, 2016.
A modern OS allows you to encrypt your local hard drive(s) and other storage devices such as USB sticks and SD cards. Even if someone steals your hard drive or portable storage drive, they can’t read the information on it unless they have the encryption key.
Be very careful about where and how you connect to the Internet. While most people casually connect to free internet access, you should know better. It is child’s play for someone with bad motives to hack you – not merely your computer – at such places as a coffee shop or co-working location. The shared wireless access at such places means you could be sharing a network connection with a hacker which makes it easy for him or her get your Facebook login credentials and email account access. Some of the threats at these places are even easier to pull off. Security cameras (or cell phone cameras) may capture your computer screen and keyboard strokes. (The next time you take your laptop to a coffee shop and sit at your favorite table, look to see if there is a camera above and behind you or if a person near you has placed a camera facing your keyboard and screen.)
You should protect your home and office wireless network for the same reasons. These days, your wireless router should be configured to use WPA2. Disable WPS entirely because WPS’ convenience is a security vulnerability even when it is not in use, and do not use WEP for password security.
Other basics are covered in our “Guide to Internet Security” blog post.
Free IT Security Resources from the FDIC
The FDIC provides excellent resources for teaching good cybersecurity tips and techniques. Their Winter 2016 Consumer News included three very good web pages to help you observe online security best-practice and we encourage everyone to carefully review them:
- Get information on how to protect your online banking devices and how to deal with 3rd party financial people online. Read “Protect Your ‘Cyber Home’ With a Solid Foundation” from the FDIC’s Consumer News – Winter 2016 release.
- We urge you to take the Cybersecurity IQ test! You will learn a lot and be better prepared to protect yourself and your family.
- The FDIC”s Cybersecurity Checklist should be saved and reviewed during your personal quarterly IT security audit. It lists 10 things every bank customer should do to protect their money by protecting their computers from criminals.
Peoples Bank puts much time and effort into being the best bank for Real People. The best bank should be stable, secure, accessible, progressive – and help the community to be the same. That’s part of our mission and why we regularly post Online Security tips on this blog site. It would be helpful to periodically review these tips. Bookmark this page to get the current list of all the Peoples Bank Online Security blog posts: https://blog.peoplesbanknc.com/category/online-security.